CN117294537B - Computer network security protection method and system applying quantum encryption - Google Patents
Computer network security protection method and system applying quantum encryption Download PDFInfo
- Publication number
- CN117294537B CN117294537B CN202311582151.8A CN202311582151A CN117294537B CN 117294537 B CN117294537 B CN 117294537B CN 202311582151 A CN202311582151 A CN 202311582151A CN 117294537 B CN117294537 B CN 117294537B
- Authority
- CN
- China
- Prior art keywords
- quantum
- measurement
- key
- polarization
- spin
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 238000005259 measurement Methods 0.000 claims description 127
- 230000010287 polarization Effects 0.000 claims description 105
- 238000004891 communication Methods 0.000 claims description 92
- 238000012216 screening Methods 0.000 claims description 77
- 239000002096 quantum dot Substances 0.000 claims description 65
- 230000005540 biological transmission Effects 0.000 claims description 33
- 230000002159 abnormal effect Effects 0.000 claims description 31
- 238000004364 calculation method Methods 0.000 claims description 16
- 238000005520 cutting process Methods 0.000 claims description 13
- 238000012937 correction Methods 0.000 claims description 12
- 238000007781 pre-processing Methods 0.000 claims description 8
- 230000005856 abnormality Effects 0.000 claims description 6
- 239000013307 optical fiber Substances 0.000 claims description 3
- 238000005516 engineering process Methods 0.000 description 4
- 230000007547 defect Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 241000700605 Viruses Species 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000011156 evaluation Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 230000001133 acceleration Effects 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 239000003550 marker Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Abstract
The invention discloses a computer network security protection method and system applying quantum encryption, and relates to the technical field of network security.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a computer network security protection method and system applying quantum encryption.
Background
In the present information age, computer network security is still the focus of attention, traditional encryption methods face increasingly complex security threats, privacy and security in the data transmission process cannot be effectively protected, aiming at the defects of the prior art, the emerging quantum encryption technology becomes a popular research field for solving the data transmission security, and a computer network security protection method with quantum encryption as a core is gradually and widely focused, and becomes a leading-edge technical direction for guaranteeing network transmission security at present.
Traditional computer network encryption methods are difficult to deal with possible quantum computing attacks, so that a lot of sensitive data are easily damaged by unknown threats, for example, current data transmission encryption technology is worry when facing attacks, the safe transmission and storage of data cannot be effectively guaranteed, malicious codes or information can be inserted by hackers in the process of data transmission by tampering, the safety protection of the transmitted data is threatened, and the safety of data transmission is reduced.
Disclosure of Invention
(one) solving the technical problems
Aiming at the defects of the prior art, the invention provides a computer network security protection method and system applying quantum encryption, and solves the problems in the background art.
(II) technical scheme
In order to achieve the above purpose, the invention is realized by the following technical scheme: a computer network security protection method and system applying quantum encryption includes the following steps:
s1, key generation: generating a random and unpredictable security key through a quantum key distribution protocol;
s2, key distribution: respectively transmitting the security keys to both communication parties by utilizing the quantum channels through the generated security keys;
s3, key screening: carrying out fixed period time line cutting on quantum bits converted from the received security key by a measuring mode and a screening mode preset by a receiver, and further obtaining information by a measuring and screening mode preset by the receiver to form N1, N2, N3 to Nx group measuring and screening information sets;
s4, channel assessment: n1, N2, N3 to Nx groups of measurement screening information sets are calculated in the same way, taking the N1 group of measurement screening information sets as an example, counting a first data set of a spin state and a second data set of a polarization state, calculating to obtain a quantum bit measurement index Clzs, comparing the quantum bit measurement index Clzs with a preset measurement threshold T, and establishing a channel or feeding back an abnormality according to a comparison result;
the measurement index Clzs is obtained by the following formula:
Clzs=[(A*Zxxs)+(B*Jhxs)]+C
wherein Zxxs represents a spin state coefficient, jhxs represents a polarization state coefficient, a and B represent proportional coefficients of the spin state coefficient Zxxs and the polarization state coefficient Jhxs, respectively, and C represents a correction constant;
the spin state coefficients Zxxs are obtained through calculation of a first data set;
the polarization state coefficient Jhxs is obtained through calculation of a second data set;
s5, communication transmission: and carrying out quantum encryption on the communication content by using the generated shared quantum key, and protecting the safety of the communication content.
Preferably, the quantum key distribution protocol comprises: BBM92 protocol, BB84 protocol, and B92 protocol;
the security key is randomly generated by a key generation algorithm, comprising: an algorithm based on random number generation, an algorithm based on quantum state measurement, an algorithm based on a hash function, and an algorithm based on Diffie-Hellman key exchange.
Preferably, the generated security key is converted into specific quantum state information by utilizing a specific quantum bit coding algorithm, and the coded quantum state information is transmitted to both communication parties;
the qubit encoding algorithm includes: BB84 coding algorithm, E91 coding algorithm, time-bin coding algorithm, phase coding algorithm, superposition coding and Polarization coding;
the communication mode comprises the following steps: specific quantum devices and optical fiber communication.
Preferably, the received qubit information is time-stamped, the receiving time and sequence of each qubit are marked, and initialization marking is carried out for fixed-period time line cutting operation;
and carrying out sectional division on the marked qubit information according to a fixed period time line to form N1, N2, N3 to Nx group measurement screening information sets, wherein the N1, N2, N3 to Nx group measurement screening information sets contain the same quantity of qubit information.
Preferably, measuring the screening information set includes: spin state information and polarization state information;
spin state information: integrating spin states of the qubits and specific angular momentum of the spins and orientation information of the spins;
polarization state information: the polarization state of the qubit and the polarization direction, polarization angle and polarization intensity information of the qubit are integrated.
Preferably, the spin state first data set comprises: a number of spin states Lsl of 0 and a number of spin states Ysl of 1;
the polarization state second data set includes: a number of horizontal polarizations Spjh and a number of vertical polarizations Czjh;
calculating a first data set of spin states and a second data set of polarization states, obtaining a measurement index Clzs of quantum bits, and comparing the measurement index Clzs with a measurement threshold T preset by a receiver;
the comparison mode is as follows:
the measurement threshold T is less than the measurement index Clzs, the Nx group measurement screening information set is not accepted, a communication channel is not established, and abnormal information is fed back to both communication parties;
the measurement threshold T is larger than or equal to the measurement index Clzs, a measurement screening information set of Nx groups is received, a communication channel is established, and a shared quantum key for encrypted communication is generated.
Preferably, the spin state coefficient Zxxs is obtained by the following formula:
the method comprises the steps of calculating the number Lsl of spin states which are 0 and the number Ysl of spin states which are 1, obtaining the ratio value of an Nx group measurement screening information set of the number Lsl of spin states which are 0 and the number Ysl of spin states which are 1, comparing the ratio value with a spin ratio threshold Z which is preset by a receiver and is 0, and obtaining:
spin state coefficients Zxxs < spin ratio threshold Z, and not accepting the Nx group measurement screening information set;
spin state coefficients Zxxs are more than or equal to spin proportion threshold Z, and a measurement screening information set of Nx groups is accepted;
to achieve the purpose of eliminating abnormal information for the first time, D represents a correction constant.
Preferably, the polarization state coefficient Jhxs is obtained by the following formula:
calculating through the number Spjh of horizontal polarization and the number Czjh of vertical polarization, obtaining the proportion value of the Nx group measurement screening information set of the number Spjh of horizontal polarization and the number Czjh of vertical polarization, and comparing through a polarization proportion threshold J preset by a receiver to obtain:
the polarization state coefficient Jhxs is smaller than the polarization proportion threshold J, and the measurement screening information set of the Nx group is not accepted;
the polarization state coefficient Jhxs is more than or equal to the polarization proportion threshold J, and a measurement screening information set of Nx groups is accepted;
to achieve the purpose of eliminating abnormal information for the second time, E represents a correction constant.
Preferably, the communication content is quantum encrypted by sharing the quantum key, and the encryption steps are as follows:
the first step: converting the communication content into binary or qubit form;
and a second step of: then carrying out quantum encryption setting by using the generated shared quantum key;
and a third step of: converting data to be transmitted into binary or quantum bit form, then using quantum gate operation to code and operate the quantum bit, changing the state of the quantum bit to realize encryption function;
fourth step: the encrypted quantum bit is transmitted to a receiver through a quantum channel;
fifth step: the receiver uses the same shared quantum key to decrypt the received quantum bit, thereby restoring the original communication content;
so as to protect the communication content and further improve the safety of the transmission of the communication content.
A computer network security protection method and system applying quantum encryption comprises a generation and distribution module, a key preprocessing module, a channel establishing module and a transmission module;
the generation and distribution module generates a random unpredictable safety key through a quantum key distribution protocol, and then transmits the key to both communication parties by utilizing a quantum channel;
the key preprocessing module performs fixed period time line cutting on quantum bits converted from the received security key through a receiving party to form N1, N2, N3 to Nx group measurement screening information sets;
the channel establishing module calculates N1, N2, N3 to Nx groups of measurement screening information sets in the same way, takes the N1 group of measurement screening information sets as an example, counts a first data set of a spin state and a second data set of a polarization state, calculates the first data set and the second data set, obtains a measurement index Clzs of a quantum bit, compares the measurement index Clzs with a preset measurement threshold T, and establishes a channel or feeds back an abnormality according to a comparison result;
and establishing a channel through the transmission module, and carrying out quantum encryption on the communication content by using the generated shared quantum key, so as to protect the safety of the communication content.
(III) beneficial effects
The invention provides a computer network security protection method and system applying quantum encryption, which have the following beneficial effects:
(1) According to the method, a random unpredictable secure key generated through a quantum key distribution protocol is transmitted to two communication parties by utilizing a quantum channel, the received secure key is converted into quantum bits, fixed period time line cutting is carried out to form N1, N2 and N3 to Nx group measurement screening information sets, the N1 group measurement screening information sets are taken as an example, a spin state first data set and a polarization state second data set are counted, calculation is carried out to obtain a measurement index Clzs of the quantum bits, a channel is established or abnormal feedback is carried out according to a preset measurement threshold T and the measurement index Clzs, quantum encryption is carried out on communication contents by utilizing the generated shared quantum key, the safety of the communication contents is protected, and the invasion condition of data caused by a third party or other threats in the data transmission process is reduced as far as possible.
(2) The spin proportion threshold Z and the polarization proportion threshold J are compared with the spin state coefficient Zxxs and the polarization state coefficient Jhxs, abnormal information is filtered and removed, a screening mechanism based on quantum bit information is formed, abnormal information is removed, safety and reliability of communication content are ensured, the strict measurement threshold T, the spin proportion threshold Z, the polarization proportion threshold J and live information are compared, accurate judgment is carried out when data are received, possible data pollution and tampering are avoided, safety transmission of communication content is guaranteed, and the effect of computer network safety protection is improved.
(3) In the system, a security key is transmitted to both communication parties through a generation and distribution module, a quantum bit converted from the received security key is subjected to fixed period time line cutting through a key preprocessing module through a receiving party to form N1, N2, N3 to Nx group measurement and screening information sets, a channel establishment module carries out statistics to obtain a first data set in a spin state and a second data set in a polarization state, a measurement index Clzs of the quantum bit is obtained after calculation, the measurement index Clzs is synchronously compared with a preset measurement threshold T, a comparison result is obtained and fed back, and according to the content of the comparison result, a transmission module establishes a channel and carries out quantum encryption on the communication content by using the generated shared quantum key, so that the security of the communication content is protected.
Drawings
FIG. 1 is a schematic diagram of a method for protecting computer network security by quantum encryption;
FIG. 2 is a block diagram of a system for securing a computer network using quantum cryptography according to the present invention.
Detailed Description
The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are only some embodiments of the present invention, but not all embodiments, and all other embodiments obtained by those skilled in the art without making any inventive effort based on the embodiments of the present invention are within the scope of protection of the present invention.
In the present information age, computer network security is still the focus of attention, traditional encryption methods face increasingly complex security threats, privacy and security in the data transmission process cannot be effectively protected, aiming at the defects of the prior art, the emerging quantum encryption technology becomes a popular research field for solving the data transmission security, and a computer network security protection method with quantum encryption as a core is gradually and widely focused, and becomes a leading-edge technical direction for guaranteeing network transmission security at present.
Traditional computer network encryption methods are difficult to deal with possible quantum computing attacks, so that a lot of sensitive data are easily damaged by unknown threats, for example, current data transmission encryption technology is worry when facing attacks, the safe transmission and storage of data cannot be effectively guaranteed, malicious codes or information can be inserted by hackers in the process of data transmission by tampering, the safety protection of the transmitted data is threatened, and the safety of data transmission is reduced.
Example 1
The invention provides a computer network security protection method applying quantum encryption, please refer to FIG. 1, comprising the following steps of
S1, key generation: generating a random and unpredictable security key through a quantum key distribution protocol;
s2, key distribution: respectively transmitting the security keys to both communication parties by utilizing the quantum channels through the generated security keys;
s3, key screening: carrying out fixed period time line cutting on quantum bits converted from the received security key by a measuring mode and a screening mode preset by a receiver, and further obtaining information by a measuring and screening mode preset by the receiver to form N1, N2, N3 to Nx group measuring and screening information sets;
s4, channel assessment: n1, N2, N3 to Nx groups of measurement screening information sets are calculated in the same way, taking the N1 group of measurement screening information sets as an example, counting a first data set of a spin state and a second data set of a polarization state, calculating to obtain a quantum bit measurement index Clzs, comparing the quantum bit measurement index Clzs with a preset measurement threshold T, and establishing a channel or feeding back an abnormality according to a comparison result;
the measurement index Clzs is obtained by the following formula:
Clzs=[(A*Zxxs)+(B*Jhxs)]+C
wherein Zxxs represents a spin state coefficient, jhxs represents a polarization state coefficient, a and B represent proportional coefficients of the spin state coefficient Zxxs and the polarization state coefficient Jhxs, respectively, and C represents a correction constant;
wherein A is more than or equal to 0.34 and less than or equal to 0.49,0.32, B is more than or equal to 0.51, and A+B is more than or equal to 1.0;
the spin state coefficients Zxxs are obtained through calculation of a first data set;
the polarization state coefficient Jhxs is obtained through calculation of a second data set;
s5, communication transmission: and carrying out quantum encryption on the communication content by using the generated shared quantum key, and protecting the safety of the communication content.
In this embodiment, a random and unpredictable secure key generated by a quantum key distribution protocol is transmitted to both communication parties by using a quantum channel, the received secure key is converted into quantum bits, and is subjected to fixed period time line cutting to form N1, N2, N3 to Nx group measurement screening information sets, and the calculation mode is the same, and the N1 group measurement screening information sets are taken as an example, so as to count a spin state first data set and a polarization state second data set, calculate, obtain a measurement index Clzs of the quantum bits, compare the measurement index Clzs with a preset measurement threshold T, establish a channel or perform abnormal feedback according to a comparison result, perform quantum encryption on communication contents by using the generated shared quantum key, protect the security of the communication contents, and reduce the intrusion of data caused by a third party or other threats in the data transmission process as much as possible.
Example 2
This embodiment is explained in embodiment 1, please refer to fig. 1, specifically: the quantum key distribution protocol includes: BBM92 protocol, BB84 protocol, and B92 protocol;
the security key is randomly generated by a key generation algorithm, comprising: an algorithm based on random number generation, an algorithm based on quantum state measurement, an algorithm based on a hash function, and an algorithm based on Diffie-Hellman key exchange.
Converting the generated security key into specific quantum state information by utilizing a specific quantum bit coding algorithm, wherein the specific quantum state information comprises specific spin and polarization states of the quantum bits mapped by the security key, and transmitting the coded quantum state information to two communication parties;
the qubit encoding algorithm includes: BB84 coding algorithm, E91 coding algorithm, time-bin coding algorithm, phase coding algorithm, superposition coding and Polarization coding;
the communication mode comprises the following steps: specific quantum devices and optical fiber communication.
Time marking is carried out on the received quantum bit information, the received quantum bit information is time marked through a specific quantum time marker, the receiving time and sequence of each quantum bit are further marked, and initialization marking is carried out for the fixed period time line cutting operation;
the marked qubit information is segmented according to a fixed period time line to form N1, N2, N3 to Nx group measurement screening information sets, so that the N1, N2, N3 to Nx group measurement screening information sets contain the same quantity of qubit information, and the marked qubit information is used for periodic segmented division, so that each time period contains the same quantity of qubit information.
The measurement screening information set includes: spin state information and polarization state information;
spin state information: the method comprises the steps of integrating the spin state of the quantum bit, the specific angular momentum of the spin and the orientation information of the spin, and simultaneously accurately acquiring the specific angular momentum information of the quantum bit spin and acquiring the specific angular momentum information of the spin, including the angular velocity of the spin and the angular acceleration related data of the spin, through a preset spin state acquisition device;
polarization state information: the polarization state of the quantum bit, the polarization direction, the polarization angle and the polarization intensity information of the quantum bit are integrated, and meanwhile, the direction information of the polarization state of the quantum bit, including the direction of the polarization direction and the change of the polarization direction, is obtained through a preset polarization state acquisition device.
Example 3
This embodiment is explained in embodiment 1, please refer to fig. 1, specifically:
the spin state first data set includes: a number of spin states Lsl of 0 and a number of spin states Ysl of 1;
the polarization state second data set includes: a number of horizontal polarizations Spjh and a number of vertical polarizations Czjh;
calculating a first data set of spin states and a second data set of polarization states, obtaining a measurement index Clzs of quantum bits, and comparing the measurement index Clzs with a measurement threshold T preset by a receiver;
the comparison mode is as follows:
the method comprises the steps that a measurement threshold T is smaller than a measurement index Clzs, a measurement screening information set of an Nx group is not accepted, a communication channel is not established, abnormal information is fed back to two communication parties, the two communication parties are ensured to know the abnormal information, emergency measures are further made for safety protection of the information, the network is closed, the communication equipment is disconnected, virus of the whole system is checked and killed, the number of times of the measurement screening information set of the Nx group is not accepted is recorded by the system, rejection times Jscs are formed, statistics is carried out on the number of times of the measurement screening information set of the Nx group, an abnormal proportion value X is obtained, the abnormal proportion value X is compared with the abnormal proportion threshold S, an abnormal alarm is sent to the two communication parties or no information is sent according to a comparison result, the two communication parties are disconnected for twenty-four hours according to an IP address or a server after the abnormal alarm information is sent, and network safety and sufficient time of the two communication parties are ensured for self checking;
the abnormal proportional value X is obtained by the following calculation method:
abnormal ratio value x=jscs/Nx;
the abnormal proportion value X is less than the abnormal proportion threshold S, and no information is sent to both communication parties;
the abnormal proportion value X is more than or equal to the abnormal proportion threshold S, an abnormal alarm is sent to the two communication parties, the threat of information leakage exists, and the two communication parties are disconnected for more than twenty-four hours according to the IP address or the server, so that the network safety of the two communication parties and the sufficient time for self-checking are ensured.
The measurement threshold T is more than or equal to the measurement index Clzs, a measurement screening information set of the Nx group is received, a communication channel is established, a shared quantum key for encrypted communication is generated, the safety protection effect of communication content is further enhanced, and the situation that the communication content is stolen and tampered in the transmission process is reduced as much as possible.
The spin state coefficient Zxxs is obtained by the following formula:
the method comprises the steps of calculating the number Lsl of spin states which are 0 and the number Ysl of spin states which are 1, obtaining the ratio value of an Nx group measurement screening information set of the number Lsl of spin states which are 0 and the number Ysl of spin states which are 1, comparing the ratio value with the spin ratio threshold Z which is preset by a receiver and is 0 being 80%, and obtaining:
spin state coefficient Zxxs < spin proportion threshold Z is 80%, and the Nx group measurement screening information set is not accepted;
spin state coefficient Zxxs is more than or equal to spin proportion threshold Z which is 80%, and a measurement screening information set of Nx groups is accepted;
to achieve the purpose of eliminating abnormal information for the first time, D represents a correction constant.
The polarization state coefficient Jhxs is obtained by the following formula:
calculating through the number Spjh of horizontal polarization and the number Czjh of vertical polarization, obtaining a proportion value of a measurement screening information set of Nx groups of the number Spjh of horizontal polarization and the number Czjh of vertical polarization, comparing through 70% of a polarization proportion threshold J preset by a receiver, and obtaining:
the polarization state coefficient Jhxs is less than the polarization proportion threshold J and is 70%, and the Nx group measurement screening information set is not accepted;
the polarization state coefficient Jhxs is more than or equal to the polarization proportion threshold J and is 70%, and a measurement screening information set of the Nx group is accepted;
the purpose of eliminating abnormal information for the second time is achieved, and E represents a correction constant;
the measurement threshold T, the spin ratio threshold Z are 80% and the polarization ratio threshold J is 70%, wherein the spin ratio threshold Z, the polarization ratio threshold J and the measurement threshold are set usually based on the fact that the receiver and the sender mutually determine actual communication requirements and safety requirements, and are set after evaluation by related personnel, and then the purpose of screening and eliminating abnormal information is achieved through the setting of the spin ratio threshold Z and the polarization ratio threshold J.
The communication content is quantum encrypted through the shared quantum key, and the encryption steps are as follows:
the first step: converting the communication content into a binary or quantum bit form, wherein the communication content to be transmitted is text information, and converting the text into the binary form by utilizing a specific coding mode;
if the image or audio multimedia content is to be transmitted, the system converts the image or audio multimedia content into a quantum bit form;
and a second step of: then carrying out quantum encryption setting by using the generated shared quantum key;
and a third step of: converting data to be transmitted into binary or quantum bit form, then using quantum gate operation to code and operate the quantum bit, changing the state of the quantum bit to realize encryption function;
fourth step: the encrypted quantum bit is transmitted to a receiver through a quantum channel;
fifth step: the receiver uses the same shared quantum key to decrypt the received quantum bit, thereby restoring the original communication content;
the method and the device achieve the protection of the communication content, further improve the safety of the transmission of the communication content, and particularly, encrypt the converted communication content by using a specific encryption algorithm or protocol in the quantum key and combining the characteristics of the quantum bit.
In the example, abnormal information is filtered and removed through the spin state coefficient Zxxs and the polarization state coefficient Jhxs, so that a screening mechanism based on quantum bit information is formed, abnormal information is removed, safety and reliability of communication content are guaranteed, a strict measurement threshold T, a spin proportion threshold Z, a polarization proportion threshold J and live information are compared, accurate judgment is carried out when data are received, possible data pollution and tampering are avoided, safe transmission of the communication content is guaranteed, and the effect of computer network safety protection is improved.
Example 4
Referring to fig. 2, a computer network security protection system applying quantum encryption is specifically shown: the system comprises a generation and distribution module, a key preprocessing module, a channel establishing module and a transmission module;
the generation and distribution module generates a random unpredictable safety key through a quantum key distribution protocol, and then transmits the key to both communication parties by utilizing a quantum channel;
the key preprocessing module performs fixed period time line cutting on quantum bits converted from the received security key through a receiving party to form N1, N2, N3 to Nx group measurement screening information sets;
the channel establishing module calculates N1, N2, N3 to Nx groups of measurement screening information sets in the same way, takes the N1 group of measurement screening information sets as an example, counts a first data set of a spin state and a second data set of a polarization state, calculates the first data set and the second data set, obtains a measurement index Clzs of a quantum bit, compares the measurement index Clzs with a preset measurement threshold T, and establishes a channel or feeds back an abnormality according to a comparison result;
and the specific execution is carried out according to the comparison result content of the channel establishing module, the channel is established through the transmission module, the generated shared quantum key is used for carrying out quantum encryption on the communication content, and the safety of the communication content is protected.
In this embodiment, the secure key is transmitted to both communication parties through the generation and distribution module, the secure key is converted into the quantum bit through the key preprocessing module through the receiving party, the fixed period time line cutting is performed to form N1, N2, N3 to Nx group measurement and screening information sets, the channel establishment module performs statistics to obtain the first data set of the spin state and the second data set of the polarization state, the measurement index Clzs of the quantum bit is obtained after calculation, the comparison result is obtained and fed back synchronously with the preset measurement threshold T, and according to the comparison result content, the transmission module establishes a channel and performs quantum encryption on the communication content by using the generated shared quantum key, so as to protect the security of the communication content.
Specific examples: a computer network security protection method and system using quantum cryptography for a certain communication computer will use specific parameters and values to demonstrate how to calculate: measuring an index Clzs, a spin state coefficient Zxxs and a polarization state coefficient Jhxs;
the calculation modes of N1, N2, N3 to Nx groups of measurement screening information sets are the same, and the calculation is carried out by taking the N1 group of measurement screening information sets as an example;
assume that the following parameter values are owned:
spin state first data set: number of spin states Lsl of 0: number of spin states Ysl of 35 and 1: 15, correction constant D:1%;
obtaining according to a calculation formula of the spin state coefficient Zxxs:
Zxxs=[35/(15+35)*100%]+1%=71%
comparing the spin ratio threshold Z with the preset spin state of 0 at the receiving side to obtain: spin state coefficient Zxxs < spin proportion threshold Z is 80%, and the Nx group measurement screening information set is not accepted;
polarization state second dataset: the number of horizontal polarizations Spjh:80 and the number of vertical polarizations Czjh:10, correction constant E:1%;
obtaining according to a calculation formula of the polarization state coefficient Jhxs:
Jhxs=[(70/(80+10)*100%]+1%=89%
comparing the preset polarization proportion threshold J of the receiver to obtain: the polarization state coefficient Jhxs is more than or equal to the polarization proportion threshold J and is 70%, and a measurement screening information set of the Nx group is accepted;
filtering the measurement screening information set of the Nx group through the spin state coefficient Zxxs and the polarization state coefficient Jhxs, and determining to establish a channel or feedback through counting the proportional value of the spin state coefficient Zxxs and the polarization state coefficient Jhxs;
scaling factor: a:41% and B:46%, correction constant C:1%;
obtaining according to a calculation formula of the measurement index Clzs:
Clzs=[(41%*71%)+(46%*89%)]+1%=71%
by evaluation by related personnel, setting the measurement threshold T to be 85%, and comparing the measurement threshold T with the measurement index Clzs to obtain:
the measurement threshold T is less than the measurement index Clzs, a measurement screening information set of the Nx group is not accepted, a communication channel is not established, abnormal information is fed back to both communication parties, the abnormal information is known by both communication parties, and further emergency measures are made for information safety protection, including closing a network, disconnecting communication equipment and carrying out full-disc virus checking and killing on the system.
Although embodiments of the present invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made therein without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (10)
1. A computer network security protection method applying quantum encryption is characterized in that: comprises the following steps
S1, key generation: generating a random and unpredictable security key through a quantum key distribution protocol;
s2, key distribution: respectively transmitting the security keys to both communication parties by utilizing the quantum channels through the generated security keys;
s3, key screening: carrying out fixed period time line cutting on quantum bits converted from the received security key by a measuring mode and a screening mode preset by a receiver, and further obtaining information by a measuring and screening mode preset by the receiver to form N1, N2, N3 to Nx group measuring and screening information sets;
s4, channel assessment: n1, N2, N3 to Nx groups of measurement screening information sets are calculated in the same way, taking the N1 group of measurement screening information sets as an example, counting a first data set of a spin state and a second data set of a polarization state, calculating to obtain a quantum bit measurement index Clzs, comparing the quantum bit measurement index Clzs with a preset measurement threshold T, and establishing a channel or feeding back an abnormality according to a comparison result;
the measurement index Clzs is obtained by the following formula:
Clzs=[(A*Zxxs)+(B*Jhxs)]+C
wherein Zxxs represents a spin state coefficient, jhxs represents a polarization state coefficient, a and B represent proportional coefficients of the spin state coefficient Zxxs and the polarization state coefficient Jhxs, respectively, and C represents a correction constant;
the spin state coefficients Zxxs are obtained through calculation of a first data set;
the polarization state coefficient Jhxs is obtained through calculation of a second data set;
s5, communication transmission: and carrying out quantum encryption on the communication content by using the generated shared quantum key, and protecting the safety of the communication content.
2. A method for securing a computer network using quantum cryptography as defined in claim 1, wherein:
the quantum key distribution protocol includes: BBM92 protocol, BB84 protocol, and B92 protocol;
the security key is randomly generated by a key generation algorithm, comprising: an algorithm based on random number generation, an algorithm based on quantum state measurement, an algorithm based on a hash function, and an algorithm based on Diffie-Hellman key exchange.
3. A method for securing a computer network using quantum cryptography as defined in claim 1, wherein:
converting the generated security key into specific quantum state information by utilizing a specific quantum bit coding algorithm, and transmitting the coded quantum state information to two communication parties;
the qubit encoding algorithm includes: BB84 coding algorithm, E91 coding algorithm, time-bin coding algorithm, phase coding algorithm, superposition coding and Polarization coding;
the communication mode comprises the following steps: specific quantum devices and optical fiber communication.
4. A method for securing a computer network using quantum cryptography as defined in claim 1, wherein:
carrying out time marking on the received quantum bit information, marking the receiving time and sequence of each quantum bit, and carrying out initialization marking on the fixed-period time line cutting operation;
and carrying out sectional division on the marked qubit information according to a fixed period time line to form N1, N2, N3 to Nx group measurement screening information sets, wherein the N1, N2, N3 to Nx group measurement screening information sets contain the same quantity of qubit information.
5. The method for protecting the security of a computer network by using quantum cryptography according to claim 4, wherein:
the measurement screening information set includes: spin state information and polarization state information;
spin state information: integrating spin states of the qubits and specific angular momentum of the spins and orientation information of the spins;
polarization state information: the polarization state of the qubit and the polarization direction, polarization angle and polarization intensity information of the qubit are integrated.
6. A method for securing a computer network using quantum cryptography as defined in claim 1, wherein:
the spin state first data set includes: a number of spin states Lsl of 0 and a number of spin states Ysl of 1;
the polarization state second data set includes: a number of horizontal polarizations Spjh and a number of vertical polarizations Czjh;
calculating a first data set of spin states and a second data set of polarization states, obtaining a measurement index Clzs of quantum bits, and comparing the measurement index Clzs with a measurement threshold T preset by a receiver;
the comparison mode is as follows:
the measurement threshold T is less than the measurement index Clzs, the Nx group measurement screening information set is not accepted, a communication channel is not established, and abnormal information is fed back to both communication parties;
the measurement threshold T is larger than or equal to the measurement index Clzs, a measurement screening information set of Nx groups is received, a communication channel is established, and a shared quantum key for encrypted communication is generated.
7. The method for protecting the security of a computer network by using quantum cryptography according to claim 6, wherein:
the spin state coefficient Zxxs is obtained by the following formula:
the method comprises the steps of calculating the number Lsl of spin states which are 0 and the number Ysl of spin states which are 1, obtaining the ratio value of an Nx group measurement screening information set of the number Lsl of spin states which are 0 and the number Ysl of spin states which are 1, comparing the ratio value with a spin ratio threshold Z which is preset by a receiver and is 0, and obtaining:
spin state coefficients Zxxs < spin ratio threshold Z, and not accepting the Nx group measurement screening information set;
spin state coefficients Zxxs are more than or equal to spin proportion threshold Z, and a measurement screening information set of Nx groups is accepted;
to achieve the purpose of eliminating abnormal information for the first time, D represents a correction constant.
8. The method for protecting computer network security by using quantum cryptography as claimed in claim 7, wherein the method comprises the steps of
The polarization state coefficient Jhxs is obtained by the following formula:
calculating through the number Spjh of horizontal polarization and the number Czjh of vertical polarization, obtaining the proportion value of the Nx group measurement screening information set of the number Spjh of horizontal polarization and the number Czjh of vertical polarization, and comparing through a polarization proportion threshold J preset by a receiver to obtain:
the polarization state coefficient Jhxs is smaller than the polarization proportion threshold J, and the measurement screening information set of the Nx group is not accepted;
the polarization state coefficient Jhxs is more than or equal to the polarization proportion threshold J, and a measurement screening information set of Nx groups is accepted;
to achieve the purpose of eliminating abnormal information for the second time, E represents a correction constant.
9. The method for protecting the security of a computer network by using quantum cryptography according to claim 6, wherein:
the communication content is quantum encrypted through the shared quantum key, and the encryption steps are as follows:
the first step: converting the communication content into binary or qubit form;
and a second step of: then carrying out quantum encryption setting by using the generated shared quantum key;
and a third step of: converting data to be transmitted into binary or quantum bit form, then using quantum gate operation to code and operate the quantum bit, changing the state of the quantum bit to realize encryption function;
fourth step: the encrypted quantum bit is transmitted to a receiver through a quantum channel;
fifth step: the receiver uses the same shared quantum key to decrypt the received quantum bit, thereby restoring the original communication content;
so as to protect the communication content and further improve the safety of the transmission of the communication content.
10. A computer network security protection system applying quantum encryption, comprising a computer network security protection method applying quantum encryption as claimed in any one of claims 1 to 9, characterized in that: the system comprises a generation and distribution module, a key preprocessing module, a channel establishing module and a transmission module;
the generation and distribution module generates a random unpredictable safety key through a quantum key distribution protocol, and further transmits the key to both communication parties by utilizing a quantum channel;
the key preprocessing module performs fixed period time line cutting on quantum bits converted from the received security key through a receiving party to form N1, N2, N3 to Nx group measurement screening information sets;
the channel establishing module calculates N1, N2, N3 to Nx groups of measurement screening information sets in the same way, takes the N1 group of measurement screening information sets as an example, counts out a first data set of a spin state and a second data set of a polarization state, calculates the first data set and the second data set, obtains a measurement index Clzs of a quantum bit, compares the measurement index Clzs with a preset measurement threshold T, and establishes a channel or feeds back an abnormality according to a comparison result;
and the transmission module establishes a channel and performs quantum encryption on the communication content by using the generated shared quantum key, so as to protect the safety of the communication content.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311582151.8A CN117294537B (en) | 2023-11-24 | 2023-11-24 | Computer network security protection method and system applying quantum encryption |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311582151.8A CN117294537B (en) | 2023-11-24 | 2023-11-24 | Computer network security protection method and system applying quantum encryption |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117294537A CN117294537A (en) | 2023-12-26 |
| CN117294537B true CN117294537B (en) | 2024-03-19 |
Family
ID=89248416
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311582151.8A Active CN117294537B (en) | 2023-11-24 | 2023-11-24 | Computer network security protection method and system applying quantum encryption |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117294537B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105553648A (en) * | 2014-10-30 | 2016-05-04 | 阿里巴巴集团控股有限公司 | Quantum key distribution, privacy amplification and data transmission methods, apparatuses, and system |
| CN110011792A (en) * | 2019-03-06 | 2019-07-12 | 暨南大学 | Single step quantum key distribution post-processing approach, system, medium and equipment based on polarization code |
| CN111669270A (en) * | 2020-04-24 | 2020-09-15 | 江苏航天神禾科技有限公司 | Quantum encryption transmission method and device based on label switching |
| CN116132042A (en) * | 2023-04-13 | 2023-05-16 | 南京汇荣信息技术有限公司 | Quantum technology-based network security data encryption method and system |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8190553B2 (en) * | 2007-12-20 | 2012-05-29 | Routt Thomas J | Methods and systems for quantum search, computation and memory |
| JP5978917B2 (en) * | 2012-10-22 | 2016-08-24 | 沖電気工業株式会社 | Multi-terminal quantum key distribution system |
| US10958626B2 (en) * | 2018-07-25 | 2021-03-23 | Bank Of America Corporation | End to end encryption on a network without using certificates |
| GB2616048A (en) * | 2022-02-25 | 2023-08-30 | Toshiba Kk | A quantum network and authentication method |
-
2023
- 2023-11-24 CN CN202311582151.8A patent/CN117294537B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105553648A (en) * | 2014-10-30 | 2016-05-04 | 阿里巴巴集团控股有限公司 | Quantum key distribution, privacy amplification and data transmission methods, apparatuses, and system |
| CN110011792A (en) * | 2019-03-06 | 2019-07-12 | 暨南大学 | Single step quantum key distribution post-processing approach, system, medium and equipment based on polarization code |
| CN111669270A (en) * | 2020-04-24 | 2020-09-15 | 江苏航天神禾科技有限公司 | Quantum encryption transmission method and device based on label switching |
| CN116132042A (en) * | 2023-04-13 | 2023-05-16 | 南京汇荣信息技术有限公司 | Quantum technology-based network security data encryption method and system |
Non-Patent Citations (1)
| Title |
|---|
| 兼容量子通信网络的设计与性能仿真;周利波;中国优秀硕士学位论文全文数据库 信息科技辑(第03期);第I136-824页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117294537A (en) | 2023-12-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8082443B2 (en) | Pedigrees for quantum cryptography | |
| US20040184615A1 (en) | Systems and methods for arbitrating quantum cryptographic shared secrets | |
| CN101040483A (en) | Two non-orthogonal states quantum cryptography method and apparatus with intra-and inter-qubit interference for eavesdropper detection | |
| Niemiec et al. | Management of security in quantum cryptography | |
| Sasi et al. | A general comparison of symmetric and asymmetric cryptosystems for WSNs and an overview of location based encryption technique for improving security | |
| Pljonkin et al. | The review of the commercial quantum key distribution system | |
| CN102710661B (en) | Cloud storage and aggregation architecture and data storage and aggregation method by using same | |
| CN111726346B (en) | Data secure transmission method, device and system | |
| CN111797431B (en) | Encrypted data anomaly detection method and system based on symmetric key system | |
| US8788817B1 (en) | Methods and apparatus for secure and reliable transmission of messages over a silent alarm channel | |
| CN1305250C (en) | Safe quantum communication method | |
| CN117294537B (en) | Computer network security protection method and system applying quantum encryption | |
| Patil et al. | Analysis of cryptography: classical verses quantum cryptography | |
| Ahilan et al. | Breaking barriers in conventional cryptography by integrating with quantum key distribution | |
| CN113949591B (en) | Data encryption protection method and system based on block chain | |
| CN113411397A (en) | Data secure transmission method and system based on Internet of things | |
| Gilbert et al. | Secrecy, computational loads and rates in practical quantum cryptography | |
| Fauzia | Quantum Cryptography | |
| CN115829754B (en) | Transaction supervision method and device for privacy protection blockchain | |
| CN117240610B (en) | PLC module operation data transmission method and system based on data encryption | |
| Zhang | Application of hybrid encryption algorithm in physical layer software control | |
| CN109522749B (en) | Reference system independent and measuring equipment independent quantum privacy query method and system | |
| Alli et al. | Three Tier Framework Iris Authentication for Secure Image Storage and Communication | |
| CN116722970B (en) | Anti-attack gateway security system based on hardware implementation | |
| Anton | Experimental research of the mode of quantum keys distribution |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |